Expert(s):
Vice President of Cybersecurityfeature_status*/ ?>
Digital Guardian

Comments Dotted : 9
October 06, 2020

Experts On UK’s HMRC ‘Bombarded’ By 5,000 Malicious Email Attacks Every Day
Relying on individuals to be security savvy enough to prevent these attacks is misguided.
We are definitely seeing a huge rise with phishing attacks in a COVID-19 theme being the primary aggressor. I wouldn't necessarily say the total number of cyberattacks has gone up. I do think the method by which they're carrying out these attacks is that they're leveraging this opportunity. Because these highly lucrative attacks are succeeding, they will continue to attract more groups willing to attempt their methods. It’s time that businesses consider applying security to their business.....Read More
We are definitely seeing a huge rise with phishing attacks in a COVID-19 theme being the primary aggressor. I wouldn't necessarily say the total number of cyberattacks has gone up. I do think the method by which they're carrying out these attacks is that they're leveraging this opportunity. Because these highly lucrative attacks are succeeding, they will continue to attract more groups willing to attempt their methods. It’s time that businesses consider applying security to their business practices because IT security tools are not infallible against human behaviour. Relying on individuals to be security savvy enough to prevent these attacks is misguided. Yes, everyone should be educated but organisations have to do as much as possible to reduce the chance of individuals having to face these risk prone interactions with technological means.  Read Less
October 01, 2020

Healthcare Giant UHS Hit By Ransomware Attack: Expert Commentary
Not to mention protecting sensitive data and PII information which inevitably becomes a primary target in soliciting payment.
Even during a pandemic, ransomware distributors continue to take advantage of the healthcare industry while medical professionals are continuously working hard to slow down the contagion and save lives. Cybercriminal gangs only care about one thing; to profit even at the greatest expense of all. Some ransomware developers have signaled to the industry that they would not target healthcare facilities to show some sign of empathy, however, these statements are clearly non-binding and will.....Read More
Even during a pandemic, ransomware distributors continue to take advantage of the healthcare industry while medical professionals are continuously working hard to slow down the contagion and save lives. Cybercriminal gangs only care about one thing; to profit even at the greatest expense of all. Some ransomware developers have signaled to the industry that they would not target healthcare facilities to show some sign of empathy, however, these statements are clearly non-binding and will continue. These actions should only further enforce the requirement for all businesses running computing technology that support health services to implement controls and technology that actually work to prevent the spread of ransomware or any other form of cyberattack that disrupts operations. The Ryuk Ransomware, which is believed to be associated with the UHS attack, is commonly delivered via email from phishing links or attachments. There are a myriad of controls that could stop this from email filtering, end-user security awareness, patching devices, endpoint protection platforms, to anti-virus. Hospitals need to fund cybersecurity programs more appropriately with a focus on gaining the right level of visibility across the environment and providing regular training to staff given the amount of responsibility they have on keeping patients safe. Not to mention protecting sensitive data and PII information which inevitably becomes a primary target in soliciting payment.  Read Less
September 07, 2020

Experts Insight On Ransomware attack on Argentina federal agency
We strongly encourage federal agencies to patch vulnerabilities as quickly as they can while ensuring all systems and programs are up to date.
Ransomware is incredibly dangerous as it not only encrypts sensitive data, rendering it inaccessible, but it can also disrupt critical applications and systems, causing major outages and stoppages in operations. We can expect cybercriminals to continue to exploit common vulnerabilities in these types of opportunistic ransomware campaigns - and we strongly encourage federal agencies to patch vulnerabilities as quickly as they can while ensuring all systems and programs are up to date.
August 18, 2020

Security Experts On Carnival Hit With Ransomware Attack Exposing Data
Ransomware is incredibly dangerous as it not only encrypts sensitive data, rendering it inaccessible, but it can also disrupt critical applications.
Ransomware is incredibly dangerous as it not only encrypts sensitive data, rendering it inaccessible, but it can also disrupt critical applications and systems, causing major outages and stoppages in operations. We can expect cybercriminals to continue to exploit common vulnerabilities in these types of opportunistic ransomware campaigns - and we strongly encourage companies to patch vulnerabilities as quickly as they can while ensuring all systems and programs are up to date.
July 17, 2020

Experts Insight On Major US Twitter Accounts Hacked in Bitcoin Scam
Regardless of how far or deep, Twitter’s first job is explaining exactly what transpired and why, and what will be done to repair what is now a damaged trust.
Insider driven attacks are the hardest nut to crack – whether they are malicious or unintentional because of the abuse of valid access. With Twitter acknowledging that inside role, the next question becomes – how was the act as invasive and possible at such scale? That seems to be a question whose answer lies in the insider tool used. What does that tool enable in terms of access and control, who has access to it, and what are the mechanisms for oversight? Whether one or 10 people, the.....Read More
Insider driven attacks are the hardest nut to crack – whether they are malicious or unintentional because of the abuse of valid access. With Twitter acknowledging that inside role, the next question becomes – how was the act as invasive and possible at such scale? That seems to be a question whose answer lies in the insider tool used. What does that tool enable in terms of access and control, who has access to it, and what are the mechanisms for oversight? Whether one or 10 people, the ability to post (and even pin based on reports and social media traffic) on behalf of a user without triggering action is unsettling at best. What about access to DMs? And what else were the attackers able to do once inside beyond those tweets. Regardless of how far or deep, Twitter’s first job is explaining exactly what transpired and why, and what will be done to repair what is now a damaged trust.  Read Less
July 07, 2020

Expert On Insta Star Used BEC Fraud Attack to Steal £100m from Football Club
Business Email Compromise continues to be a significant issue.
Business Email Compromise continues to be a significant issue. Companies will traditionally roll out security awareness training to their employees about not opening suspicious email attachments or clicking on links, but how many companies train their staff to refuse or question a direct command from senior staff? The art of “whaling” aims to compromise a senior staff member’s email and then use that to instruct junior staff to make payments to bank accounts of fraudsters. Because.....Read More
Business Email Compromise continues to be a significant issue. Companies will traditionally roll out security awareness training to their employees about not opening suspicious email attachments or clicking on links, but how many companies train their staff to refuse or question a direct command from senior staff? The art of “whaling” aims to compromise a senior staff member’s email and then use that to instruct junior staff to make payments to bank accounts of fraudsters. Because these highly lucrative attacks are succeeding, they will continue to attract more groups willing to attempt their methods. It’s time that businesses consider applying security to their business practices because IT security tools are not infallible against human behaviour. As an example, train your staff to require third party validation for any financial transaction or introduce payment procedures requiring multiple sets of independent eyes. Malicious individuals are abusing the fact that junior staff implicitly trust their seniors and act quickly as instructed. You must put in place processes and beliefs that when unordinary requests come through they should be questioned.  Read Less
April 21, 2020

2,000 Coronavirus Scammers Taken Offline In NCSC Phishing Crackdown – Experts Reaction
I do think the method by which they're carrying out these attacks is that they're leveraging this opportunity.
We are definitely seeing a huge rise with phishing attacks in a COVID-19 theme being the primary aggressor," he said. "I wouldn't necessarily say the total number of cyberattacks has gone up. I do think the method by which they're carrying out these attacks is that they're leveraging this opportunity. Because these highly lucrative attacks are succeeding, they will continue to attract more groups willing to attempt their methods. It’s time that businesses consider applying security to their.....Read More
We are definitely seeing a huge rise with phishing attacks in a COVID-19 theme being the primary aggressor," he said. "I wouldn't necessarily say the total number of cyberattacks has gone up. I do think the method by which they're carrying out these attacks is that they're leveraging this opportunity. Because these highly lucrative attacks are succeeding, they will continue to attract more groups willing to attempt their methods. It’s time that businesses consider applying security to their business practices because IT security tools are not infallible against human behaviour.  Read Less
April 21, 2020

Experts Insight On Coronavirus Scammers Taken Offline In Major Phishing Crackdown
I do think the method by which they're carrying out these attacks is that they're leveraging this opportunity.
We are definitely seeing a huge rise with phishing attacks in a COVID-19 theme being the primary aggressor," he said. "I wouldn't necessarily say the total number of cyberattacks has gone up. I do think the method by which they're carrying out these attacks is that they're leveraging this opportunity. Because these highly lucrative attacks are succeeding, they will continue to attract more groups willing to attempt their methods. It’s time that businesses consider applying security to their.....Read More
We are definitely seeing a huge rise with phishing attacks in a COVID-19 theme being the primary aggressor," he said. "I wouldn't necessarily say the total number of cyberattacks has gone up. I do think the method by which they're carrying out these attacks is that they're leveraging this opportunity. Because these highly lucrative attacks are succeeding, they will continue to attract more groups willing to attempt their methods. It’s time that businesses consider applying security to their business practices because IT security tools are not infallible against human behaviour.  Read Less
December 10, 2019

2020 Cybersecurity Landscape: 100+ Experts’ Predictions
I believe we'll see state-sponsored attacks being carried out much more; possibly even against critical infrastructure.
I think geopolitical relationships around the world have increasingly become strained and uncertain with direction and I believe we'll see state-sponsored attacks being carried out much more; possibly even against critical infrastructure. There have been a number of attempts and even successful attacks against these types of systems but for the most part they've all been isolated incidents. One can only wonder though if these attacks were merely conducted to set up backdoor functionality for a.....Read More
I think geopolitical relationships around the world have increasingly become strained and uncertain with direction and I believe we'll see state-sponsored attacks being carried out much more; possibly even against critical infrastructure. There have been a number of attempts and even successful attacks against these types of systems but for the most part they've all been isolated incidents. One can only wonder though if these attacks were merely conducted to set up backdoor functionality for a future panic button push to cripple the target's systems. Not to mention the considerable adoption of IoT devices connecting once-segregated Operations Technology (OT) environments; which only further widens the attack landscape. The security in these environments need to be fully assessed and controls need to be put in place as soon as possible in order to mitigate against future attacks. It's only a matter of time.  Read Less